The past few years have seen an ever-increasing level of attacks on computer systems and servers. Malicious hackers spend hours on end trying to identify security holes via which they can embed viruses, Trojans, etc. Almost as soon as an operating system (OS) vendor publishes a security patch to defeat a particular attack scheme, the hackers have figured out another way to defeat the software. Once viruses and the like appear on servers, an entire network of computers is susceptible to attack by those viruses.
In addition to malicious attacks in which the intent is to cause widespread system damage, networks are also prone to security breaches that enable data to be “stolen.” For example, recent attacks have been made on various electronic storefront servers to steal credit card information and other user information. These types of attacks have lead to an escalating need for substantially improved security measures.
In view of the severity and frequency of the foregoing, a new direction has been proposed to replace today's security paradigm. A more proactive approach to security is presently being designed into the next generation of operating systems, which are referred to as trusted operating systems (TOS), secure operating systems (SOS), and secure and trusted operating systems (STOS). Current security efforts suffer from the flawed assumption that adequate security can be provided in applications with the existing security mechanisms of mainstream operating systems. In reality, the need for secure operating systems is growing in today's computing environment due to substantial increases in connectivity and data sharing. The threats posed by the modem computing environment cannot be addressed without secure operating systems. Any security effort which ignores this fact can only result in a ‘fortress built upon sand’.
In contrast to today's scheme of security mechanisms layered over an unsecure core (e.g., a mainstream OS), the new approach begins with a trusted core that may only be accessed by users having appropriate security credentials. In this context, it is noted that users are not limited to humans, but rather also include programmatic entities such as software applications and the like. A chain of trust is maintained by the TOS or STOS to ensure that only trustworthy users may access secured portions of the OS, while other unsecure portions do not require the same level of authentication to access. The end result is that unqualified access is denied.
Many of the foregoing security concerns are currently being addressed by various consortiums and the like. On such organization, the Trusted Computing Group (TCG) is an industry consortium concerned with platform and network security. The TCG has defined various security measures that are implemented using a TCG token comprising a trusted platform module (TPM). Generally, TPM functionality may be embodied as a hardware device (most common) or via software (i.e., a virtual TPM). For example, integrated circuits have been recently introduced to support TPM functionality, such as National Semiconductor's TCG-compliant security controller, or similar integrated circuits made by Atmel Corporation and Infineon Technologies AG. While hardware-based TPM devices provide built-in measures for detecting physical attacks, there are currently no commensurate measures available to software-based TPMs.